Entity authentication methods based on asymmetric cryptographic algorithm can be categorized into two types: one-way authentication method and two-way authentication method. The uniqueness or timeliness of authentication is identified by time variant parameters, which normally may be a time stamp, a sequence number, a random number, etc. If a time stamp or sequence number is used as the time variant parameter, then the one-way authentication between entities can be completed by one pass authentication, and the two-way authentication between entities can be completed by two pass authentication; and if a random number is used as the time variant parameter, then the one-way authentication between entities can be completed by two pass authentication, and the two-way authentication between entities can be completed by three pass authentication or four pass authentication (i.e., two parallel one-way authentication).
In either one of the authentication mechanisms, prior to or during the authentication, the verifier must have the possession of a valid public key of the claimant; otherwise the authentication process may be damaged or may not be accomplished. A method for three pass two-way authentication is described hereinafter as an example:
Now refer to FIG. 1 with the tokens: TokenAB=RA∥RB∥B∥Text3∥sSA(RA∥RB∥B∥Text2) and TokenBA=RB∥RR∥RA∥A∥Text5∥sSB(RA∥RA∥A∥Text4). X represents an entity distinguishing identifier, and the authentication system includes two authentication entities A and B; CertX represents a certificate of the entity X; sSX represents a signature of the entity X; RX represents a random number generated by the entity X; and Text represents an optional text field.
The process of the three pass two-way authentication mechanism is described as follows:
Step S11: the entity B transmits a random number RB and an optional text field Text1 to the entity A;
Step S12: the entity A transmits the TokenAB and an optional certificate CertA to the entity B;
Step S13: the entity B is assured of the possession of a valid public key of the entity A by verifying a certificate of the entity A or by some other means;
Step S14: the entity B obtains the public key of the entity A, verifies a signature of the entity A in TokenAB in step S12, verifies the entity distinguishing identifier B and checks whether the random number RB transmitted in step S11 is consistent with a random number RB in TokenAB, thereby the entity B accomplishes verification of the entity A;
Step S15: the entity B transmits the TokenBA and an optional certificate CertB to the entity A;
Step S16: the entity A is assured of the possession of a valid public key of the entity B by verifying a certificate of the entity B or by some other means;
Step S17: the entity A obtains the public key of the entity B, verifies a signature of the entity B in TokenBA in step S15, verifies the entity distinguishing identifier A and checks whether the random number RA transmitted in step S12 is consistent with a random number RA in TokenBA and the random number RB received in step S11 is consistent with a random number RB in TokenBA, thereby the entity A accomplishes verification of the entity B.
As can be seen, to accomplish the three pass authentication mechanism, the entities A and B must have the possession of the other's valid public key. However, how to obtain the other's public key and its validity is not disclosed in the protocols. Currently, such requirement can not be satisfied in many application scenarios. For example, normally user access control is enabled in a communication network based on an entity authentication mechanism such that the access by a user to the network is not allowed until authentication is passed. Therefore, prior to the authentication, the user cannot or would have difficulty in accessing a certificate authority to obtain the validity of a public key of an opposing entity, i.e., a network access point, which results in failure to perform the authentication.